← Legacy view v2 (rp.*)

ant-design/ant-design-pro

https://github.com/ant-design/ant-design-pro · lang: typescript · LOC: · source: corpus_mined

Quality
59.4
Grade C
Security
61.8
Findings
7
0 critical · 0 high
Status
completed
May 15, 2026 02:34
info: 6 low: 1
Top rules by occurrence
RuleSeverityCount
SEC015 Insecure Randomness for Security medium 4
SEC006 XSS Risk high 2
SEC020 Secret Printed to Logs high 1
First 7 findings (severity-sorted)
low SEC006 XSS Risk
public/scripts/loading.js:7 · conf 0.40 
[SEC006] XSS Risk: Direct HTML injection without sanitization.
info SEC006 XSS Risk
src/pages/dashboard/analysis/utils/Yuan.tsx:10 · conf 0.15 
[SEC006] XSS Risk: Direct HTML injection without sanitization.
info SEC015 Insecure Randomness for Security
· conf 0.20 
[SEC015] Insecure Randomness for Security (and 8 more): Same pattern found in 8 additional files. Review if needed.
info SEC015 Insecure Randomness for Security
cloudflare-worker/src/data/dashboard.ts:18 · conf 0.25 
[SEC015] Insecure Randomness for Security: Weak PRNG used in security-sensitive context. Output is predictable.
info SEC015 Insecure Randomness for Security
mock/listTableList.ts:22 · conf 0.25 
[SEC015] Insecure Randomness for Security: Weak PRNG used in security-sensitive context. Output is predictable.
info SEC015 Insecure Randomness for Security
mock/utils.ts:118 · conf 0.25 
[SEC015] Insecure Randomness for Security: Weak PRNG used in security-sensitive context. Output is predictable.
info SEC020 Secret Printed to Logs
scripts/i18n-remove.js:190 · conf 0.10 
[SEC020] Secret Printed to Logs: Debug or diagnostic code appears to print a credential-bearing value. This is a frequent AI-assisted coding failure: the helper exposes the exact value needed for tro…

Reading from rp.scan + rp.finding + rp.rule (unified schema, R78 series). Legacy data path unchanged. Compare with /scan/84dd6171-acac-4548-ab7a-3717d8b0d87a/.